PT-2022-17063 · Cwp · Cwp

Published: 2022-07-07 · Updated: 2023-01-24 · CVE-2022-25047

CVSS v3.1: 5.9 (Medium)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions: CWP version 0.9.8.1126

Description: The password reset token is generated using known or predictable values.

Recommendations: For CWP version 0.9.8.1126, consider disabling the password reset feature until a patch is available to prevent potential exploitation. Restrict access to the password reset functionality to minimize the risk of unauthorized access. Avoid using the password reset token in sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Weakness Enumeration: Use of Insufficiently Random Values

Related Identifiers: CVE-2022-25047

Affected Products: Cwp